1/25/2024 0 Comments Backbox social engineering toolkit![]() In addition to the security-testing tools, BackBox supplies several privacy-protection tools, including Tor, Polipo, and a default private-browsing profile for Firefox. ![]() It seems like creating a phishing email attack to target one's IT staff may be tangential to performing a system security audit, but I suppose there is room for disagreement on that point. Simulating denial-of-service attacks, testing wireless networks and Scanning (such as fingerprinting hosts and web application frameworks), There are utilities for passive network reconnaissance, active On the whole, the BackBox tools cover the major security testing topics There are just two VoIP Analysis tools, SIPcrack and SIPVicious. Technically several of the password-cracking utilities under Privilege Escalation can also be used to crack encrypted files for forensic purposes. The options in the file analysis menu are specific to particular file types, such as PDFs or Windows Thumbs.db files. ![]() Forensics includes disk rescue, data recovery, and file analysis tools. In Xfce's main applications menu, BackBox splits its security test kit into a top-level "Audit" menu of its own, sorting the tools into a task-based hierarchy: Information Gathering (which includes general network scanning tools as well as fingerprinting), Vulnerability Assessment, Exploitation, Privilege Escalation (which includes network sniffing, spoofing, and password cracking), Maintaining Access, Forensic Analysis, VoIP Analysis, Wireless Analysis, Stress Tools, and Miscellaneous. Of course, on the "numbers" front, some of the packages are veritable Swiss-army-knives themselves, such as the Metasploit Framework, which provides access to numerous utilities, and some are really just useful system packages, such as NTFS filesystem tools. This is still true,īut if the raw number of tools is truly important-which is a bit questionable-BackBox is making steady Users who fall on the BackTrack side of theīackBox-versus-BackTrack rivalry often point out that the olderĭistribution offers a significantly larger tool count. It is possible that some of the tools are part of a larger package, but inĪny case, it makes for a substantial increase in the offerings over the Programs, which is up from 49 in BackBox 1. By my count, BackBox 2 ships 77 security testing Speaking of the tools, the auditing and testing packages added by theīackBox project make up for the largest set of changes from a generic Fortunately, most of the security tools provided by BackBox run perfectly well in the console environment (although you have access to some nice visualization tools in the network analysis section when running Xfce). Minimizing the overhead is no doubt a concern there as well. Obviously one usage of this option is to enable older hardware to serve as the testing and auditing platform, but the project wiki also points out that BackBox can be used on beefier systems to perform processor-intensive tasks like brute-force decryption and password-cracking. Xfce is intended to serve as a slim-resource environment, but if even that is too memory-intensive, the BackBox bootloader has a command-line-only entry as well. ![]() Once booted, you can choose to install to a hard disk. As is the case with vanilla Ubuntu, BackBox 2 can run from optical disc or as a live USB image, complete with persistent storage. 32-bit and 64-bit images are provided (Bittorrent and HTTP downloads), and weigh in at 924 and 945 MB, respectively. However, the ISO images provided for download strip out large swaths of irrelevant packages, replacing the default GNOME environment with Xfce and Fluxbox. BackBox definitely draws on BackTrack for inspiration, although there are some important differences in content and in the way the distributions are managed.īackBox is built on top of Ubuntu, and the 2.0 release uses 11.04 as its base. Immediately brings to mind one of the more established projects in this To those who follow pen-test distributions, the name "BackBox" BackBox reached its 2.0 release on September 3, with a substantial increase in the tool set it provides. One of the newer players in the game is BackBox (not to be confused with BlackBox), a lightweight, community-built pen-testing distribution capable of running in liveUSB mode or as a permanent install. Security- and penetration-testing Linux distributions are a niche market, but a competitive one. This article was contributed by Nathan Willis
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |